If you're using Cloudflare in front of your applications, you'll need to configure a couple of settings:

SSL Settings
Setting SSL mode to Full will encrypt traffic end-to-end between clients and your application. Cloudflare acts as a proxy so customers connect to Cloudflare using their SSL certificate. Then Cloudflare connects to your application using your application's SSL certificate. This keeps traffic fully secure end-to-end.

⚠️ Flexible requires the backend to be HTTP-only which can cause infinite redirects.

Edge Certificate TLS Versions
TLS 1.1 and earlier are no longer considered secure, however Cloudflare defaults to TLS 1.0 for compatibility with old devices. This is not secure, so we recommend setting the minimum to TLS 1.2.

You can find this under your domain -> SSL/TLS -> Edge Certificates.